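using Microsoft.Extensions.Configuration;
using Microsoft.Extensions.Hosting;
using System;
using System.Globalization;
using System.IO;
using DotNetEnv;

namespace Inventory.Core
{
    /// <summary>
    /// Sets up application secrets from a .env file in Development or HashiCorp Vault in every
    /// other hosting environment.
    /// </summary>
    public static class EnvironmentBuilder
    {
        // Names of the secrets; the same names are used as environment-variable names
        // (Development) and as keys inside the Vault secret (all other environments).
        private const string DbConnectionStringKey = "DB_CONNECTION_STRING";
        private const string SlurpitUrlKey = "SLURPIT_URL";
        private const string SlurpitApiKeyKey = "SLURPIT_API_KEY";
        private const string UpdateIntervalMinutesKey = "UPDATE_INTERVAL_MINUTES";

        // Interval used when the configured value is missing, unparsable, or not positive.
        private const int DefaultUpdateIntervalMinutes = 60;

        /// <summary>
        /// Loads secrets into the static properties of <see cref="Secrets"/> based on the hosting environment.
        /// </summary>
        /// <param name="environment">
        /// Hosting environment; only <c>IsDevelopment()</c> is consulted, so Staging and any custom
        /// environment take the Vault path exactly like Production.
        /// </param>
        /// <exception cref="InvalidOperationException">
        /// Thrown outside Development when the Vault placeholders have not been replaced, or when
        /// reading from Vault fails (the original error is kept as the inner exception).
        /// </exception>
        public static void SetupEnvironment(IHostEnvironment environment)
        {
            if (environment.IsDevelopment())
            {
                LoadFromDotEnv();
            }
            else
            {
                LoadFromVault();
            }
        }

        // Development path: populate Secrets from process environment variables after loading .env.
        private static void LoadFromDotEnv()
        {
            // TraversePath() lets DotNetEnv look for the .env file in parent directories as well.
            // The .env file holds live credentials: keep it out of version control.
            Env.TraversePath().Load();

            // A variable that is not set leaves the matching property null; nothing is validated here.
            Secrets.DbConnectionString = Environment.GetEnvironmentVariable(DbConnectionStringKey);
            Secrets.SlurpitUrl = Environment.GetEnvironmentVariable(SlurpitUrlKey);
            Secrets.SlurpitApiKey = Environment.GetEnvironmentVariable(SlurpitApiKeyKey);
            Secrets.UpdateIntervalMinutes =
                ParseIntervalMinutes(Environment.GetEnvironmentVariable(UpdateIntervalMinutesKey));
        }

        // Non-Development path: populate Secrets from a single Vault secret.
        private static void LoadFromVault()
        {
            // --- Provide your Vault details here ---
            // WARNING: For production, it's strongly recommended to use environment variables
            // or another secure configuration method instead of hardcoding the Vault URL.
            //
            // NOTE(security): the placeholder uses https on purpose. VaultService is handed both the
            // token file and this URL, so presumably the token and the returned secrets travel to
            // this address; over plain http they would cross the network unencrypted. Use an http
            // address only for a Vault Agent listening on loopback.
            var vaultUrl = "https://your-vault-address:8200";

            // CommonApplicationData is a machine-wide directory (for example %ProgramData% on
            // Windows). NOTE(security): confirm the token file's permissions restrict reads to the
            // account this service runs as; the directory is not private by default.
            var tokenPath = Path.Combine(
                Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData),
                "InventorySuite",
                "Vault",
                "vault-agent-token");

            var mountPath = "your-mount-path";   // e.g., "ihris-prod"
            var secretPath = "your-secret-path"; // e.g., "db_credentials"

            // Fail closed while any placeholder is still in place, before any network call is made.
            var stillPlaceholder =
                vaultUrl.Contains("your-vault-address")
                || mountPath.Contains("your-mount-path")
                || secretPath.Contains("your-secret-path");
            if (stillPlaceholder)
            {
                throw new InvalidOperationException("Vault is not configured. Please update the hardcoded values in EnvironmentBuilder.cs before running in a non-development environment.");
            }

            try
            {
                var vaultService = new VaultService(tokenPath, vaultUrl);
                var secret = vaultService.GetSecret(mountPath, secretPath);

                // Assign to static properties from Vault
                Secrets.DbConnectionString = vaultService.GetSecretValue(secret, DbConnectionStringKey);
                Secrets.SlurpitUrl = vaultService.GetSecretValue(secret, SlurpitUrlKey);
                Secrets.SlurpitApiKey = vaultService.GetSecretValue(secret, SlurpitApiKeyKey);
                Secrets.UpdateIntervalMinutes =
                    ParseIntervalMinutes(vaultService.GetSecretValue(secret, UpdateIntervalMinutesKey));
            }
            catch (Exception ex)
            {
                // The outer message stays generic; whatever VaultService reported is carried as the
                // inner exception. Check that it contains no secret material before logging it.
                throw new InvalidOperationException("Failed to retrieve secrets from Vault.", ex);
            }
        }

        // Parses the update interval; anything missing, non-numeric, or <= 0 yields the default.
        // Invariant culture is used because the value is machine-readable configuration.
        private static int ParseIntervalMinutes(string? raw)
        {
            var parsed = int.TryParse(raw, NumberStyles.Integer, CultureInfo.InvariantCulture, out var minutes);
            return parsed && minutes > 0 ? minutes : DefaultUpdateIntervalMinutes;
        }
    }

    /// <summary>
    /// A static class to hold application secrets.
    /// </summary>
    /// <remarks>
    /// Values are kept as plain strings in static properties for the lifetime of the process, and
    /// every property has a public setter, so any code in the process can read or replace them.
    /// Keep these values out of logs and diagnostic output.
    /// </remarks>
    public static class Secrets
    {
        // Null until SetupEnvironment has run, or when the source does not supply the value.
        public static string? DbConnectionString { get; set; }

        public static string? SlurpitUrl { get; set; }

        public static string? SlurpitApiKey { get; set; }

        // Minutes between updates; SetupEnvironment always assigns a positive value (default 60).
        public static int UpdateIntervalMinutes { get; set; }
    }
}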